boinc/html/inc/db.inc

176 lines
4.2 KiB
PHP
Raw Normal View History

<?php
require_once('../inc/util.inc');
// database-related functions.
// Presentation code (HTML) shouldn't be here
function db_init_aux($try_replica=false) {
$config = get_config();
$user = parse_config($config, "<db_user>");
$pass = parse_config($config, "<db_passwd>");
$host = null;
if ($try_replica == true) {
$host = parse_config($config, "<replica_db_host>");
}
if ($host == null) {
$host = parse_config($config, "<db_host>");
}
if ($host == null) {
$host = "localhost";
}
$retval = mysql_pconnect($host, $user, $pass);
if (!$retval) {
return 1;
}
$db_name = parse_config($config, "<db_name>");
if(!mysql_select_db($db_name)) {
return 2;
}
return 0;
}
function lookup_user_auth($auth) {
$result = mysql_query("select * from user where authenticator='$auth'");
if ($result) {
$user = mysql_fetch_object($result);
mysql_free_result($result);
return $user;
}
return null;
}
function lookup_user_id($id) {
$result = mysql_query("select * from user where id=$id");
if ($result) {
$user = mysql_fetch_object($result);
mysql_free_result($result);
return $user;
}
return null;
}
function lookup_user_email_addr($email_addr) {
$result = mysql_query("select * from user where email_addr='$email_addr'");
if ($result) {
$user = mysql_fetch_object($result);
mysql_free_result($result);
return $user;
}
return null;
}
function lookup_user_name($name) {
$result = mysql_query("SELECT * FROM user WHERE name='".mysql_escape_string($name)."'");
if ($result) {
if (mysql_num_rows($result) == 1) {
return mysql_fetch_object($result);
} elseif (mysql_num_rows($result) == 0) {
return null;
} else {
return -1; // Non-unique username
}
}
return null;
}
function lookup_host($id) {
$result = mysql_query("select * from host where id=$id");
if ($result) {
$host = mysql_fetch_object($result);
mysql_free_result($result);
return $host;
}
return null;
}
function lookup_team($id) {
$result = mysql_query("select * from team where id=$id");
if ($result) {
$team = mysql_fetch_object($result);
mysql_free_result($result);
return $team;
}
return null;
}
function lookup_team_founder($id) {
$result = mysql_query("select * from team where userid=$id");
return $result;
}
function lookup_wu($id) {
$result = mysql_query("select * from workunit where id=$id");
if ($result) {
$wu = mysql_fetch_object($result);
mysql_free_result($result);
return $wu;
}
return null;
}
function lookup_result($id) {
$result = mysql_query("select * from result where id=$id");
if ($result) {
$r = mysql_fetch_object($result);
mysql_free_result($result);
return $r;
}
return null;
}
function lookup_app($id) {
$result = mysql_query("select * from app where id=$id");
if ($result) {
$app = mysql_fetch_object($result);
mysql_free_result($result);
return $app;
}
return null;
}
function lookup_tentative_user($nonce) {
$result = mysql_query("select * from tentative_user where nonce='$nonce'");
if ($result) {
$tu = mysql_fetch_object($result);
mysql_free_result($result);
return $tu;
}
return null;
}
// apply this to any user-supplied strings used in queries
//
function boinc_real_escape_string($x) {
if (version_compare(phpversion(),"4.3.0")>=0) {
return mysql_real_escape_string($x);
} else {
$x = str_replace("'", "\'", $x);
$x = str_replace("\"", "\\\"", $x);
return $x;
}
}
// Process user-supplied text prior to using in query;
// trims whitespace and escapes quotes.
// Does NOT remove HTML tags.
//
function process_user_text($value) {
$value = trim($value);
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
return boinc_real_escape_string($value);
}
// escape a string for MySQL "like"
//
function escape_pattern($str) {
$str = str_replace('_', '\\\\_', $str);
$str = str_replace('%', '\\\\%', $str);
return $str;
}
?>